diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-08-08 12:45:30 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-08-08 12:45:30 +0000 |
| commit | 551b01816473e54a6e1f016eb785582cccb85212 (patch) | |
| tree | 9a5f99697ecde2f99e02d0b588b224ae28de9b6b /sys | |
| parent | 2925e337b88ce6094d3823ef79a07f76a8a42618 (diff) | |
| download | FreeBSD-src-551b01816473e54a6e1f016eb785582cccb85212.zip FreeBSD-src-551b01816473e54a6e1f016eb785582cccb85212.tar.gz | |
Due to layering problems, remove the MAC checks from vn_rdwr() -- this
VOP wrapper is called from within file systems so can result in odd
loopback effects when MAC enforcement is use with the active (as
opposed to saved) credential. These checks will be moved elsewhere.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/vfs_vnops.c | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c index 09dcf58..9657c3b 100644 --- a/sys/kern/vfs_vnops.c +++ b/sys/kern/vfs_vnops.c @@ -394,19 +394,10 @@ vn_rdwr(rw, vp, base, len, offset, segflg, ioflg, cred, aresid, td) auio.uio_segflg = segflg; auio.uio_rw = rw; auio.uio_td = td; - if (rw == UIO_READ) { -#ifdef MAC - error = mac_check_vnode_op(cred, vp, MAC_OP_VNODE_READ); - if (error == 0) -#endif - error = VOP_READ(vp, &auio, ioflg, cred); - } else { -#ifdef MAC - error = mac_check_vnode_op(cred, vp, MAC_OP_VNODE_WRITE); - if (error == 0) -#endif - error = VOP_WRITE(vp, &auio, ioflg, cred); - } + if (rw == UIO_READ) + error = VOP_READ(vp, &auio, ioflg, cred); + else + error = VOP_WRITE(vp, &auio, ioflg, cred); if (aresid) *aresid = auio.uio_resid; else |
